CLAIM AMENDMENTS 



Please amend the claims to be as follows. 

1 . (currently amended) A method of processing a packet sent to a provider network, the 
method comprising: 

receiving the packet via a first user port at a first edge switch of the network, wherein 
the first user port is an input port of the first edge switch; 

determining forwarding and routing by the first edge switch based on a user VLAN 
identifier (VID) of a user VLAN tag for the packet; 

creating a tunnel from the first user port at the first edge switch to a second user port 
at a second edge switch using double VLAN tagging by inserting a provider 
VLAN tag, including a provider VID, into the packet at a first provider port at 
the first edge switch prior to transmission of the packet via the first provider 
port and stripping the provider VLAN tag from the packet after the packet is 
received by a second provider port at the second edge switch, wherein the first 
provider port is an output port of the first edge switch, wherein the second 
provider port is an input port of the second edge switch, and wherein the 
second user port is an output port of the second edge switch; and 

utilizing the user VLAN tag by a middle switch to determine a class of service for the 
packet so as to provide providing a user-expected service level in relation to 
traffic flowing through said tunnel. 

2. (original) The method of claim 1, further comprising: 

forwarding and routing the packet by a middle switch based on the provider VLAN 
tag. 

3. (currently amended) The method of claim 1, wherein the packet received includes [[a]] 
the user VLAN tag, and wherein the user VID is derived from the user VLAN tag. 
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4. (original) The method of claim 1, wherein the packet received does not include a user 
VLAN tag, and wherein the user VID is assigned to be a port VID associated with the 
user port. 

5. (original) The method of claim 1, wherein the provider VID comprises a VID of a 
destination VLAN. 

6. (original) The method of claim 1, wherein the provider VID comprises a port VID 
associated with the input port. 

7. (currently amended) The method of claim 1, wherein the first edge switch also 
determines [[a]] the class of service (COS) for the packet based on the user VLAN tag. 

8. (previously presented) The method of claim 1, wherein the first edge switch determines 
the security action for the packet based on the user VLAN tag. 

9. (canceled) 

10. (previously presented) The method of claim 1, wherein the packet is routed to more than 
one middle switch before arriving at the second edge switch. 

1 1 . (currently amended) A switch apparatus for processing a packet sent to a provider 
network, the apparatus comprising: 

a user port for receiving the packet, the user port being an input port of the switch 
apparatus; 

forwarding logic for determining forwarding and routing based on a user VLAN 

identifier (VID) of a user VLAN tag for the packet , including determination of 
a class of service based on the user VLAN tag ; and 
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a provider port that inserts a provider VLAN tag, including a provider VID, into the 
packet prior to transmission of the packet such that the transmitted packet has 
at least two VLAN tags, the provider port being an output port of the switch 
apparatus, such that a tunnel is created from the user port of the switch 
apparatus to another user port of a different switch apparatus, wherein a user- 
expected service level is provided in relation to traffic flowing through said 
tunnel. 



12. (currently amended) A system for processing packets sent to a provider network, the 
system comprising: 

a first switch configured to receive a packet via a user port, to determine routing and 
forwarding for the packet based on a user VID of a user VLAN tag, and to 
insert a provider VLAN tag into the packet at a provider port prior to 
transmission of the packet such that the transmitted packet has at least two 
VLAN tags therein; [[and]] 

a second switch configured to receive the packet having at least two VLAN tags via a 
provider port, to strip the provider VLAN tag from the packet at the provider 
port, and to determine routing and forwarding for the packet based on the user 
VID for the user VLAN ta g; and 

a middle switch communicatively coupled between the first and second switches , 

wherein a tunnel is created between the user port of the first switch and a user port of 
the second switch, and 

wherein a service level is provided in relation to traffic flowing through said tunnel 
which provides a security action of dropping the packet or forwarding the 
packet to management software., 

wherein the security action is determined based on the user VLAN tag . 

13. (canceled) 

14. (original) The system of claim 12, further comprising utilization of a class of service 
(COS) for routing and forwarding of the packet that is based on the user VID. 
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15. (canceled) 

16. (currently amended) A method of routing and forwarding a packet using double Q 
tagging by inserting a provider VLAN tag at a provider port of a first switch in addition 
to a user VLAN tag to create a tunnel between a user port of the first switch and a user 
port of a second switch, wherein a user-expected service level is provided in relation to 
traffic flowing through the tunnel by utilization of the user VLAN tag by a middle switch 
to determine a class of service for the packet , and wherein the provider VLAN tag is 
removed at a provider port of the second switch. 

17. (canceled) 

18. (canceled) 

19. (currently amended) An apparatus for processing a packet sent to a provider network, 
the apparatus comprising: 

means for receiving the packet via a user port of an edge switch of the network, the 
user port being an ingress port for the edge switch; 

means for determining forwarding and routing by the edge switch based on a user 

VLAN identifier (VID) of a user VLAN tag for the packe t and for determining 
a class of service based on the user VLAN tag ; and 

means for inserting a provider VLAN tag, including a provider VID, into the packet at 
a provider port of the edge switch prior to transmission of the packet via the 
provider port, the provider port being an egress port of the edge switch, such 
that a tunnel is created between the user port of the edge switch and a user port 
of a different edge switch, wherein a service level is provided in relation to 
traffic flowing through said tunnel. 
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